]> git.saurik.com Git - apt.git/blame - test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
add --sha512 option + documentation for apt-ftparchive
[apt.git] / test / integration / test-ubuntu-bug-1098738-apt-get-source-md5sum
CommitLineData
1262d358
DK
1#!/bin/sh
2set -e
3
4TESTDIR=$(readlink -f $(dirname $0))
5. $TESTDIR/framework
6
7setupenvironment
8configarchitecture 'native'
9
10cat > aptarchive/Sources <<EOF
11Package: pkg-md5-ok
12Binary: pkg-md5-ok
13Version: 1.0
14Maintainer: Joe Sixpack <joe@example.org>
15Architecture: all
16Files:
895417ef
DK
17 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
18 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz
1262d358
DK
19
20Package: pkg-sha256-ok
21Binary: pkg-sha256-ok
22Version: 1.0
23Maintainer: Joe Sixpack <joe@example.org>
24Architecture: all
25Files:
895417ef
DK
26 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc
27 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz
1262d358 28Checksums-Sha1:
895417ef
DK
29 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc
30 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz
1262d358 31Checksums-Sha256:
895417ef
DK
32 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
33 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz
1262d358
DK
34
35Package: pkg-sha256-bad
36Binary: pkg-sha256-bad
37Version: 1.0
38Maintainer: Joe Sixpack <joe@example.org>
39Architecture: all
40Files:
895417ef
DK
41 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc
42 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz
1262d358 43Checksums-Sha1:
895417ef
DK
44 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc
45 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz
1262d358 46Checksums-Sha256:
895417ef
DK
47 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
48 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
1262d358 49
63d60998
DK
50Package: pkg-md5-bad
51Binary: pkg-md5-bad
52Version: 1.0
53Maintainer: Joe Sixpack <joe@example.org>
54Architecture: all
55Files:
56 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
57 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz
58
1262d358
DK
59Package: pkg-no-md5
60Binary: pkg-no-md5
61Version: 1.0
62Maintainer: Joe Sixpack <joe@example.org>
63Architecture: all
64Checksums-Sha1:
895417ef
DK
65 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc
66 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz
1262d358 67Checksums-Sha256:
895417ef
DK
68 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc
69 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz
1262d358
DK
70
71Package: pkg-mixed-ok
72Binary: pkg-mixed-ok
73Version: 1.0
74Maintainer: Joe Sixpack <joe@example.org>
75Architecture: all
76Checksums-Sha1:
895417ef 77 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz
1262d358 78Checksums-Sha256:
895417ef 79 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc
1262d358
DK
80
81Package: pkg-mixed-sha1-bad
82Binary: pkg-mixed-sha1-bad
83Version: 1.0
84Maintainer: Joe Sixpack <joe@example.org>
85Architecture: all
86Checksums-Sha1:
895417ef 87 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc
1262d358 88Checksums-Sha256:
895417ef 89 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz
1262d358
DK
90
91Package: pkg-mixed-sha2-bad
92Binary: pkg-mixed-sha2-bad
93Version: 1.0
94Maintainer: Joe Sixpack <joe@example.org>
95Architecture: all
96Checksums-Sha1:
895417ef 97 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc
1262d358 98Checksums-Sha256:
895417ef 99 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz
1262d358
DK
100
101Package: pkg-md5-disagree
102Binary: pkg-md5-disagree
103Version: 1.0
104Maintainer: Joe Sixpack <joe@example.org>
105Architecture: all
106Files:
895417ef
DK
107 9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc
108 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz
109 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc
110 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz
1262d358
DK
111
112Package: pkg-md5-agree
113Binary: pkg-md5-agree
114Version: 1.0
115Maintainer: Joe Sixpack <joe@example.org>
116Architecture: all
117Files:
895417ef
DK
118 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
119 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
120 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
121 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
1262d358
DK
122
123Package: pkg-sha256-disagree
124Binary: pkg-sha256-disagree
125Version: 1.0
126Maintainer: Joe Sixpack <joe@example.org>
127Architecture: all
128Files:
895417ef
DK
129 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc
130 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz
1262d358 131Checksums-Sha1:
895417ef
DK
132 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc
133 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz
1262d358 134Checksums-Sha256:
895417ef
DK
135 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc
136 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz
137 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc
138 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz
1262d358
DK
139EOF
140
141# create fetchable files
142for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
143 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
63d60998
DK
144 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
145 'pkg-md5-bad'; do
895417ef
DK
146 echo -n 'dsc' > aptarchive/${x}_1.0.dsc
147 echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
1262d358
DK
148done
149
63d60998 150setupaptarchive --no-update
1262d358
DK
151changetowebserver
152testsuccess aptget update
153
03aa0847
DK
154cd downloaded
155
1262d358
DK
156testok() {
157 rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
25b86db1 158 testsuccessequal "Reading package lists...
1262d358 159Building dependency tree...
895417ef 160Need to get 6 B of source archives.
1da3b7b8
DK
161Get:1 http://localhost:8080 $1 1.0 (dsc) [3 B]
162Get:2 http://localhost:8080 $1 1.0 (tar) [3 B]
1262d358
DK
163Download complete and in download only mode" aptget source -d "$@"
164 msgtest 'Files were successfully downloaded for' "$1"
165 testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
166 rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
167}
168
169testkeep() {
895417ef
DK
170 echo -n 'dsc' > ${1}_1.0.dsc
171 echo -n 'tar' > ${1}_1.0.tar.gz
25b86db1 172 testsuccessequal "Reading package lists...
1262d358
DK
173Building dependency tree...
174Skipping already downloaded file '${1}_1.0.dsc'
175Skipping already downloaded file '${1}_1.0.tar.gz'
176Need to get 0 B of source archives.
177Download complete and in download only mode" aptget source -d "$@"
178 msgtest 'Files already downloaded are kept for' "$1"
179 testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
180 rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
181}
182
63d60998
DK
183testnohash() {
184 #FIXME: Maybe we should fail in this case instead of skipping
185 rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
186 testsuccessequal "Reading package lists...
187Building dependency tree...
188Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
189Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
190Need to get 0 B of source archives.
191Download complete and in download only mode" aptget source -d "$@"
192 msgtest 'Files are not downloaded for' "$1"
193 testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
194}
195
1262d358
DK
196testmismatch() {
197 rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
25b86db1 198 testfailureequal "Reading package lists...
1262d358 199Building dependency tree...
895417ef 200Need to get 6 B of source archives.
1da3b7b8 201Get:1 http://localhost:8080 $1 1.0 (dsc) [3 B]
1eb1836f 202Err:1 http://localhost:8080 $1 1.0 (dsc)
448c38bd 203 Hash Sum mismatch
1da3b7b8 204Get:2 http://localhost:8080 $1 1.0 (tar) [3 B]
1eb1836f 205Err:2 http://localhost:8080 $1 1.0 (tar)
448c38bd 206 Hash Sum mismatch
1262d358
DK
207E: Failed to fetch http://localhost:8080/${1}_1.0.dsc Hash Sum mismatch
208
209E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz Hash Sum mismatch
210
211E: Failed to fetch some archives." aptget source -d "$@"
212 msgtest 'Files were not download as they have hashsum mismatches for' "$1"
213 testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
214
63d60998
DK
215 if [ "$2" != '--allow-unauthenticated' ]; then
216 rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
217 testsuccessequal "Reading package lists...
1262d358 218Building dependency tree...
63d60998
DK
219Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
220Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
1262d358
DK
221Need to get 0 B of source archives.
222Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
63d60998
DK
223 msgtest 'Files were not download as hash is unavailable for' "$1"
224 testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
225 fi
1262d358
DK
226
227 rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
25b86db1 228 testsuccessequal "Reading package lists...
1262d358 229Building dependency tree...
895417ef 230Need to get 6 B of source archives.
1da3b7b8
DK
231Get:1 http://localhost:8080 $1 1.0 (dsc) [3 B]
232Get:2 http://localhost:8080 $1 1.0 (tar) [3 B]
1262d358
DK
233Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
234 msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
235 testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
236}
237
63d60998 238testnohash pkg-md5-ok
1262d358
DK
239testok pkg-sha256-ok
240testkeep pkg-sha256-ok
241
242# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is
243# checking the best available hash (as it should), this will trigger
244# a hash mismatch.
245testmismatch pkg-sha256-bad
1262d358
DK
246testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
247
63d60998
DK
248testnohash pkg-md5-bad
249testmismatch pkg-md5-bad --allow-unauthenticated
250
1262d358 251# not having MD5 sum doesn't mean the file doesn't exist at all …
63d60998 252testok pkg-no-md5
1262d358 253testok pkg-no-md5 -o Acquire::ForceHash=SHA256
25b86db1 254testsuccessequal "Reading package lists...
1262d358
DK
255Building dependency tree...
256Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
257Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
258Need to get 0 B of source archives.
259Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum
260msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5'
261testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz
262
263# deal with cases in which we haven't for all files the same checksum type
264# mostly pathologic as this shouldn't happen, but just to be sure
265testok pkg-mixed-ok
25b86db1 266testfailureequal 'Reading package lists...
1262d358 267Building dependency tree...
895417ef 268Need to get 6 B of source archives.
1da3b7b8
DK
269Get:1 http://localhost:8080 pkg-mixed-sha1-bad 1.0 (tar) [3 B]
270Get:2 http://localhost:8080 pkg-mixed-sha1-bad 1.0 (dsc) [3 B]
1eb1836f 271Err:2 http://localhost:8080 pkg-mixed-sha1-bad 1.0 (dsc)
448c38bd 272 Hash Sum mismatch
1262d358
DK
273E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc Hash Sum mismatch
274
275E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad
276msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
277testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
25b86db1 278testfailureequal 'Reading package lists...
1262d358 279Building dependency tree...
895417ef 280Need to get 6 B of source archives.
1da3b7b8 281Get:1 http://localhost:8080 pkg-mixed-sha2-bad 1.0 (tar) [3 B]
1eb1836f 282Err:1 http://localhost:8080 pkg-mixed-sha2-bad 1.0 (tar)
448c38bd 283 Hash Sum mismatch
1da3b7b8 284Get:2 http://localhost:8080 pkg-mixed-sha2-bad 1.0 (dsc) [3 B]
1262d358
DK
285E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch
286
287E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad
288msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad'
289testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz
290
291# it gets even more pathologic: multiple entries for one file, some even disagreeing!
63d60998 292testnohash pkg-md5-agree
25b86db1 293testfailureequal 'Reading package lists...
1262d358
DK
294Building dependency tree...
295E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
25b86db1 296testfailureequal 'Reading package lists...
1262d358
DK
297Building dependency tree...
298E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree